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REMARKS 



Claims 20-38 are pending and stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Baehr, et al. (US 5,802,320) in view of Rosotoker, et al. (US 
5,708,659). This amendment is presented to place the case in a condition for allowance, 
and entry and early allowance are respectfully requested, 

By way of this amendment, the independent claims have been amended to clarify 
that the invention as claimed comprises an array of firewall devices, in which each 
firewall device has two edges through which connections may be made through the 
firewall device. Moreover, the edge connection that interfaces the device with the IP- 
compliant network includes a set of virtual hosts in which each of the individual virtual 
hosts provide a "distinct home through which a fully bi-directional connection may be 
made". 

The "fully bi-directional" limitation has been added to clarify the functionality of 

the virtual hosts. According to the specification at [0038] states: 

In the following description, the present firewall is illustrated most often as 
a rectangle having along each of two edges thereof a network connection and a 
row of boxes representing multiple "homes," corresponding to respective virtual 
hosts. A virtual host along one edge may be used to initiate a connection only in 
response to a request from the network connection that enters the firewall at that 
edge. The connection, once established, is fully bi-directional, with the same 
virtual host passing data between the originating network connection and the 
network connection at the opposite edge of the firewall. 

The ability for each of the virtual hosts to facilitate fully bi-directional connections 
is in stark contrast to the teachings of Baehr. 
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Applicants note that the "virtual host" of Baehr in fact functions as a "screen", and 

is not intended to facilitate fully bi-directional communications with outside networks. In 

fact, the specification states: 

As indicated above, the screening system preferably does not even have an IP or 
other network address, and while it can interpret IP protocol, it is configured not to 
respond to IP requests. Thus, the screening system avoids detection and hence 
targeting by intruders. (Col. 6, lines 12-16) 



The fact that the screening system has no network address (IP or otherwise) 
enables it to carry out its security functions anonymously; notably, it does not act 
as a conventional network bridge. If the screen 340 provided the functions of a 
bridge, it would have to respond to IP commands, and hence would be detectable 
and targetable. (Col. 8, lines 28-33) 

Thus, the screening system virtual host does not appear as a "distinct home 
through which a connection can be made", or facilitate "fully bi-directional connections", 
as presently claimed. In fact, the above language appears to preclude the virtual host of 
the Baehr system from operating in a manner as presently claimed and it is believed that 
the pending independent claims are allowable for at least this reason. 

Applicants respectfully submit that the systems of the cited art of record does not 
provide multiple homes capable of facilitating fully bi-directional connections in a single 
device. It is respectfully submitted that the independent claims are allowable for at least 
these reasons, and the dependent claims are allowable for at least the reason of being 
dependent upon an allowable base claim. Reconsideration and allowance is respectfully 
requested. 

If the Examiner has any questions regarding this application or this response, the 
Examiner is requested to telephone the undersigned at 775-848-5624. 
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